Detections
Analytics
WordPress < 2.8.3 Multiple Security Bypass Vulnerabilities
medium Nessus Network Monitor Plugin ID 5120
Synopsis
The remote host is vulnerable to multiple attack vectors.Description
The remote host is running a version of WordPress earlier than 2.8.3. Such versions are reportedly affected by multiple security-bypass vulnerabilities in the 'wp-admin' administrative scripts. Authenticated attackers can exploit this issue to gain access to administrative functions.Solution
Upgrade to WordPress 2.8.3, or later.See Also
http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release